Debian Bug report logs - #313615
License conflict makes binary undistributable

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: "Grzegorz B. Prokopski" <gadek@sablevm.org>

To: submit@bugs.debian.org

Subject: License conflict makes binary undistributable

Date: Tue, 14 Jun 2005 12:19:25 -0400

Package: libapache-mod-security
Severity: grave
Justification: GPL conflicts with APL and makes binary undistributable
Version: 1.8.7-1

According to http://packages.debian.org/stable/web/libapache2-mod-security
the copyright file contains BSD style license.  However the LICENSE file
clearly contains the GNU GPL license.  This is not only an issue of
consistency.  GNU GPL is known to be incompatible with previous and current
versions of Apache license.

Therefore if this module is a derived work of Apache-licensed code, then the
license conflict prevents it from being distributed (as a binary, at least).
I am afriad that it IS a derived work, given, for example, that its source
files include numerous APL-licensed headers.

Cheers,

		Grzegorz B. Prokopski
-- 
Grzegorz B. Prokopski  <gadek@debian.org>
Debian GNU/Linux       http://www.debian.org
SableVM - LGPL'ed JVM  http://www.sablevm.org
Why SableVM ?!?        http://devel.sablevm.org/wiki/WhySableVM

Message #8 received at 313615-submitter@bugs.debian.org (full text, mbox, reply):

From: browaeys.alban@wanadoo.fr

To: debian-legal@lists.debian.org

Cc: 313615-submitter@bugs.debian.org

Subject: could an apache module be gpl ?

Date: Wed, 15 Jun 2005 02:11:03 +0200

This bug report raised the issue :
http://bugs.debian.org/313615

of an apache module (libapache-mod-security) being gpl while
using apache licenced headers .

I have checked the module source and it does not ship with its
own version of the apache headers. 


It seems to me this is not an issue as modules resolves their
symbols at runtime so the "library" can be bsd or apache licenced
and the module gpl . 

Though this bug report also describe such modules as being
derived works which makes some sense ...


Thank you for any clue on this issue.
Regards
Alban

Message #13 received at 313615@bugs.debian.org (full text, mbox, reply):

From: MJ Ray <mjr@phonecoop.coop>

To: <313615@bugs.debian.org>

Subject: Further information on the GPL for an Apache module

Date: Wed, 15 Jun 2005 10:46:06 +0100

I think the section in the GPL FAQ at
http://www.gnu.org/licenses/gpl-faq.html#GPLPluginsInNF
applies, even though Apache is not non-free.

libapache-mod-chroot, libapache-mod-witch, libapache2-mod-fcgid,
libapache2-mod-ldap-userdir, libapache2-mod-xslt are also GPL.
If this is a bug, it looks like those may have similar bugs.

A common solution seems to be to get permission to link to
an APL'd work as an exception. Upstream looks alive. If
they're willing, it may be the simplest fix.

libapache2-mod-ldap-userdir has an exception for OpenSSL already.

Good luck!

-- 
MJ Ray (slef), K. Lynn, England, email see http://mjr.towers.org.uk/

Message #18 received at 313615@bugs.debian.org (full text, mbox, reply):

From: Alberto Gonzalez Iniesta <agi@inittab.org>

To: MJ Ray <mjr@phonecoop.coop>, 313615@bugs.debian.org

Subject: Re: Bug#313615: Further information on the GPL for an Apache module

Date: Wed, 15 Jun 2005 17:53:47 +0200

On Wed, Jun 15, 2005 at 10:46:06AM +0100, MJ Ray wrote:
> I think the section in the GPL FAQ at
> http://www.gnu.org/licenses/gpl-faq.html#GPLPluginsInNF
> applies, even though Apache is not non-free.
> 
> libapache-mod-chroot, libapache-mod-witch, libapache2-mod-fcgid,
> libapache2-mod-ldap-userdir, libapache2-mod-xslt are also GPL.
> If this is a bug, it looks like those may have similar bugs.
> 
> A common solution seems to be to get permission to link to
> an APL'd work as an exception. Upstream looks alive. If
> they're willing, it may be the simplest fix.
> 
> libapache2-mod-ldap-userdir has an exception for OpenSSL already.
> 

Thanks a lot for the tip! I'll talk with upstream about this. I'm sure
he'll add the permission to the license.

Regards,

Alberto

-- 
Alberto Gonzalez Iniesta    | Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred    | http://inittab.com

Key fingerprint = 9782 04E7 2B75 405C F5E9  0C81 C514 AF8E 4BA4 01C3

Message #23 received at 313615@bugs.debian.org (full text, mbox, reply):

From: Adam Conrad <adconrad@0c3.net>

To: 313615@bugs.debian.org

Subject: License conflict makes binary undistributable

Date: Tue, 27 Sep 2005 14:36:28 +1000

Hi, just a reminder on this bug.  Did you ever get around to talking to
upstream about this license conflict?  Note that, because apache almost
always links to libssl, they'll need a license exception for both Apache
and OpenSSL, as most people read things.  (I don't necessarily read it
that way, but better safe than sorry, I guess).

... Adam

Message #28 received at 313615-done@bugs.debian.org (full text, mbox, reply):

From: Martin Michlmayr <tbm@cyrius.com>

To: 277796-done@bugs.debian.org, 313615-done@bugs.debian.org, 319804-done@bugs.debian.org, 353839-done@bugs.debian.org, 317712-done@bugs.debian.org, 338409-done@bugs.debian.org

Subject: removed

Date: Sun, 2 Apr 2006 21:34:20 +0200

libapache-mod-security has been removed from Debian because it is
undistributable for legal reasons.  See #313615
-- 
Martin Michlmayr
http://www.cyrius.com/

Send a report that this bug log contains spam.